Chenega Corporation Sr. Cyber Security Incident Handler, SME in Fort Huachuca, Arizona
CHENEGA IT ENTERPRISE SERVICES, LLC
Company Job Title:
Sr. Cyber Security Incident Handler, SME
Fort Huachuca, Arizona
Exempt, Full Time, Regular
Summary:This Sr. Cyber Security Incident Handler, SME will be responsible for the application of processes and incident response procedures consistent with DoDD O-8530.1; NIST 800 series, specifically, NIST 800-61, Rev2 “Computer Security Incident Handling Guide” and NIST 800-86 “Guide to Integrating Forensic Techniques into Incident Response” and any other controls and tools (e.g. Hercules VMS, SCCM, HBSS, McAfee and Symantec antivirus) that are applicable to information and network system security
Essential Duties and Responsibilities:(Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position)
Act as an Incident Commander for high impact cyber breaches and advanced attacks in accordance with Cyber Kill Chain methodology and incident response process.
Responsible for conducting various incident response activities
Understand Incident Response processes and participate in analysis, containment, and eradication of cyber security events and incidents.
Conduct malware analysis and identification of Indicators of Compromise (IOCs) to evaluate incident scope and associated impact
Utilize analytic experience to address cyber-attacks and mitigate indicators and correlations to identify attribution and potential threat and impact
Enhance workflow and processes driving incident response and mitigation efforts
Execute the Incident Response Lifecycle to drive threat remediation and identify strategic countermeasures improving future defenses
Perform analysis of logs from various security controls, including, but not limited to, firewall, proxy, host intrusion prevention systems, endpoint security, application and system logs, to identify possible threats to network security.
Analyze security events in partnership with other support organizations to counteract malicious activity detected on the network.
Assist in conducting both Internet and conventional research to complete technical analysis and testing.
Assist in researching security events using complex technical and analytical tools and methods to protect customer information systems and networks.
Implement methods and tools that support Computer Network Defense Service Provider Program (CNDSP) operations in support of the customer's mission.
Analyze security events using approved tactics, techniques, tools and procedures.
Elevate security events for further investigation.
Provide input for security incident reports.
Perform intermediate-level risk analyses tasks, which also includes risk assessment.
- Other duties as assigned
Minimum Qualifications:(To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.)
Bachelor’s Degree and 8 years’ experience; OR Associates Degree and 10 years of experience; OR High School Diploma and 12 years’ experience
Experience as an Cybersecurity/Information Assurance professional.
IT Level I; CSSP-IR; GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler, and IAT Level III Baseline Certification; Computing Environment Cert; ITIL Foundations certified (within 3 months)
iWATCH; AR 25-2 - IA Awareness; AT Level I; Level I OPSEC; CUI; ALMS Security; AHIMA HIPAA – Privacy and Security training required
TS/SCI clearance required
Knowledge, Skills and Abilities:
Leadership and self-direction skills are highly desired.
Knowledgeable of Security/Information Assurance (IA) products such as PKI, VPN, firewalls, and intrusion detection and prevention systems.
Ability to provide on-call support 24 hours a day, seven days a week.
Ability to solve complex problems utilizing creative thinking skills.
Strong communication skills.
Ability to critically analyze and understand the systems and communicate system requirements to the customer and leadership.
Ability to travel as required.
Ability to meet eligibility requirements of a government security clearance for access to classified information
- Shows respect and sensitivity for cultural differences; Educates others on the value of diversity; Promotes a harassment-free environment; Builds a diverse workforce.
- Treats people with respect; Keeps commitments; Inspires the trust of others; Works with integrity and ethically; Upholds organizational values.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this Job, the employee is regularly required to sit and talk or hear. The employee is frequently required to walk; use hands to finger, handle, or feel and reach with hands and arms. The employee is occasionally required to stand; climb or balance and stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision.
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.
The employee will normally work in a temperature-controlled office environment, with frequent exposure to electronic office equipment.
During visits to areas of operations, may be exposed to extreme cold or hot weather conditions. Is occasionally exposed to fumes or airborne particles, toxic or caustic chemicals, and loud noise.
Chenega Corporation and family of companies is an EOE.
Equal Opportunity Employer Minorities/Women/Veterans/Disabled/Sexual Orientation/Gender Identity
Native preference under PL 93-638.We participate in the E-Verify Employment Verification Program
Organization: Chenega IT Enterprise Services, LLC
Title: Sr. Cyber Security Incident Handler, SME
Location: Arizona-Fort Huachuca
Requisition ID: 1800003219